Adobe hurries out PDF app Flash fixes

Ahead of schedule

Adobe has confirmed plans to release critical security updates for Reader and Acrobat next Tuesday.

The cross-platform patches are designed to plug a Flash-related vulnerability that's become the target of hacking attacks since early this month. Adobe fixed the flaw in Flash Player itself on 10 June. Support for Flash in Adobe's Reader and Acrobat packages meant that the PDF applications were also vulnerable to the same sort of attack, which creates a means for hackers to take control of vulnerable systems after tricking surfers into visiting booby-trapped websites.

Tuesday's patches will update Adobe Reader 9.3.2 and Adobe Acrobat for Windows, Mac and Unix. The earlier Reader 8.2.2 and Acrobat 8.2.2 packages will also get patched. Adobe had initially planned to release the updates as part of a scheduled quarterly update, initially pencilled in for 13 July. In the end, however, the company decided to release them two weeks ahead of schedule in order to address a security threat its previous mitigation and workaround advice only partially tackles. ®